Turn off "active content" features of the browser, including its use of
ActiveX controls,
Java applets, JavaScript and other forms of scripting.

Many readers will not be familiar with these aspects of their browser or
even how to perform these tasks,
all of which are actually quite simple. To help you get started protecting your
privacy and security online, this introductory page contains tips and info to guide
you through the basic browser configuration tasks that you should perform. This
page also points you to
some readings on the web that explain why a user like you might want to perform these tasks.

Although most major web browsers are substantially similar to each
other in many respects, there are differences. Thus, it's important to know which web browser and
what version you're using. All of the companion pages to this page
(see below) contain
instructions to help you figure out which browser version you're using. Most web
browsers give you detailed version information when you click Help >>
About from the menu bar.

Companion Pages

There are seven companion pages to this one to help you understand
web browser privacy and security, no matter which of the major browsers you
happen to be using. There are companion pages for:

Also, there is a separate page for AOL
that covers preferences unique to that online software suite. (AOL
users should read the Internet
Explorer page as well, because the AOL web browser is really just
Internet Explorer with a slightly changed face.)

You can read those pages independently of this page, or you can move on to the
introductions to each topic on below and then go to the appropriate
sections of the companion page for your browser when you need more information.

This is the easiest set of tasks to perform to protect your privacy and
security. Both of these tasks
involve deleting junk that your browser accumulates as you surf the web.

The URL history is a list of the URLs (addresses) for the web pages that
you visit so that you can return to those pages later. In short, it's a history
of the web sites you visit. This history list is what you see
when you hit the dropdown list for the address bar at the top of your browser or
use your back button (Internet Explorer) or Go button (Netscape).

The browser cache is a temporary storage location on your hard drive where your browser keeps
copies of the web pages that you visit (including all the text, images,
sounds, and videos that make up those web pages). Your browser keeps copies
of the web pages that you visit so that it can bring them up quickly should you
want to return to them, instead of downloading them all over again. It's much
faster to read a copy of a web page off your hard drive than it is to download
that page fresh.

So, What's the Problem?

If your browser uses a browser cache and URL history to help you find and
return to web pages speedily and conveniently, why would anyone want to
periodically clear the browser cache and URL history? Two reasons:

System performance: the browser cache (but not so much the URL
history) can accumulate an enormous amount of files, hundreds of megabytes
in some cases, and all of these files eventually become junk, slowing down
your system and your web browser -- clearing the junk from your browser
cache can speed up your system and make it perform more reliably;

Privacy: that browser cache and URL history are essentially two
different types records of what you do and where you go on the Internet, and
anyone with access to your machine can use what they find in your browser's
cache and URL history to learn a lot about you, what your interests are, and
what you've done on the Internet -- that's a potentially serious invasion of
privacy.

Terminology

A short note about terminology: I've referred here to something called a
browser cache. A cache (pronounced "cash," not "catch") is
simply a temporary storage area. Computers use caches to temporarily store data
until they can be moved to some other location. Your computer and its software
use many different types of caches for different reasons (usually to improve
performance).

For this discussion of browser privacy and security, we'll be talking about one particular cache that your browser uses to
temporarily store copies of web pages that you visit. That's called the browser
cache. Internet Explorer doesn't use the term browser cache, however. It uses
the term Temporary Internet Files instead. A browser cache and Temporary
Internet Files are, in fact, the same thing -- they're just different names for
the same cache.

Clearing the URL History & Browser Cache

All major web browsers allow you to clear the browser
cache and the URL history separately.

To learn how to clear the browser cache and URL history in Internet
Explorer,
see the Internet Explorer companion page HERE.

To learn how to clear the browser cache and URL history in Netscape
Communicator,
see the Netscape Communicator companion page HERE
and HERE.

To learn how to clear the browser cache and URL history in Netscape
7.0, see the
Netscape 7.0 companion page HERE
and HERE.

To learn how to clear the browser cache and URL history in the Mozilla
browser,
see the Mozilla companion page HERE
and HERE.

To learn how to clear the browser cache and URL history in Firefox, see the
Firefox companion page HERE
and HERE.

To learn how to clear the browser cache and URL history in Opera 6.0
& 7.0, see
the Opera 6.0/7.0 companion page HERE.

More Info

To get a better, more complete description of the URL history and browser
cache and what they're used for, see these pages:

Cookies are small "data tags" that store unique identifying
information from web sites so that those web sites can recognize you when you
return. In a sense, they're like name tags for your browser (but they don't
literally have your name in them).

If you've ever shopped at a web site and then returned at a later time, you
probably noticed that the web site seemed to recognize you when you came back.
They recognized you because the web site planted a unique cookie on your hard
drive. You might have also registered with a web site so that you could view
special content on the site; each time you returned to the site, the web site
let you right in instead of forcing you to log in every time (web mail services
like Hotmail or Yahoo! often do this). The web site could let
you in automatically because it recognized you from the cookie it stored on your
hard drive.

What's in a Cookie?

As I said, cookies are just small data tags --
chunks of information. They're actually quite small. Moreover, we can open up a
cookie and look at the contents. Let's take a peek inside a cookie and see
what's there. Here's a cookie that someone picked up from WIRED
News while surfing with Internet Explorer:

Notice that there are three main types of information:

unique id: this is a unique id number (8EBhe0dLdpEEtVvQeC,
in this case) that distinguishes this cookie from every other cookie that
WIRED.com assigned to other people who went to its web site -- this unique
id number is what allows the web site to distinguish you from other visitors
(no one else has a cookie with your cookie's unique id number);

web site: the cookie also lists the web site that placed the cookie
(wired.com, in this case) -- only
WIRED.com will be able to read this cookie because it belongs to WIRED.com;

other data: the numbers you see at the bottom contain more
information such as the date the cookie was set, the expiration date of the
cookie, and other info the web site might want to embed in the cookie.

That's it. That's all a cookie is: a small amount of data that web sites
place on your computer to help recognize you when you return to those web sites.

One other fact about cookies is useful to know: Internet Explorer, as
we saw above, stores cookies as individual text files -- one
cookie per file. Most other browser store cookies differently, however. Netscape,
Mozilla, and Firefox all store their cookies in a single
file (named cookies.txt), which looks like this:

You'll notice that these cookies (one per line) contain the same information
as the cookie we looked at above. Netscape, Mozilla, and Firefox
cookies are the same as Internet
Explorer cookies -- they're simply stored in slightly different ways on your hard
drive.

So, What's the Problem with Cookies?

If cookies can be so useful (doesn't everyone want to be recognized once
in a while?), why would anyone want to turn them off or delete them? The answer
is simple: to protect one's privacy.

We all like to be recognized in some
situations -- being recognized can be convenient and helpful, such as when you return to a
shopping site that you go to frequently. But we wouldn't want our behavior on
the Internet to be tracked all day, every day, from web page to web page by
advertisers and marketers. That would be like wearing a name tag all day long
and going through your day, knowing that your movements and actions were being
tracked and recorded for future reference. Imagine if someone tagged you at a
shopping mall, monitored which stores you went to and what you bought, and then
used that information to bombard you with junk mail, telemarketing calls, and
advertisements. That's essentially what cookies allow advertisers and marketers
and marketers on the Internet to do.

Here's how it all works: web sites often partner up with advertisers like Doubleclick,
which happens to be the largest advertising company on the Internet. Those
advertisers place banner ads on the web sites that they partner with. And
through those banner ads the advertisers attempt to place cookies on your system
from the advertisers themselves, not the web sites you're visiting. Those kinds
of cookies are known as third-party cookies: you're Party #1 visiting a web
site, which is Party # 2, but that web site has advertisements placed by
Doubleclick, which is now Party # 3, and Doubleclick places a cookie on your
system. The cookie you get isn't from the web site you're visiting, it's
from a third party that places banner ads on that site.

Now, let's say you leave that web site and go to another web site. Guess
what? That new web site also uses Doubleclick for banner ads, and Doubleclick
will read the cookie that you picked up at the previous web site and recognize
you as a visitor to that previous web site. And so it goes: Doubleclick (and
other advertisers) can now track and monitor your visits from web site to web
site, compiling data about where you go and what you do. That data about your
behavior is valuable, because it allows advertisers like Doubleclick to target
advertising directly at you based on your interests and activities -- that kind
of advertising is known as direct marketing. It's also an invasion of
privacy.

You may not have ever heard about Doubleclick, but Doubleclick most certainly
knows about you. If you've never deleted cookies from your hard drive, then you
undoubtedly have at least a few cookies from Doubleclick, and they've been using
those cookies to monitor your behavior on the Internet for some time, probably
from the very first day you brought home that brand new computer, logged on to
the Internet, and went surfing.

More Info

To learn more about cookies and why they're
used by web sites, see these pages:

To protect your privacy with cookies, you need to learn how to do two things:

configure the browser to accept or reject cookies;

selectively manage and delete cookies.

You need to learn how to perform both of these tasks because different
users will want to handle cookies in different ways. Some will simply want to
turn cookies off completely. Others, however, will want to accept cookies and
then delete some of them on a case-by-case basis, keeping a few cookies from web
sites that they visit frequently. You may even decide to change the way you
handle cookies at some point. If you know how to configure, manage, and delete
cookies, you'll have complete control over your browser's use of cookies.

All major web browsers handle cookies in slightly different
ways:

To learn how to configure cookies (accept/reject) in Internet Explorer,
see THIS
section of the companion web page (for
Internet Explorer 4 or 5),
and THIS section
for
Internet Explorer 6. To learn how to selectively manage
and delete cookies,
see THIS section.

To learn how to configure cookies (accept/reject) in Netscape
Communicator, see THIS
section of the companion web page for
Netscape Communicator. To learn how to selectively
manage and delete cookies in
Netscape Communicator, see THIS section.

To learn how to configure cookies (accept/reject) in Netscape 7.0, see THIS
section of the
companion web page for
Netscape 7.0. To learn how to selectively manage and delete cookies
in
Netscape 7.0, see THIS section.
And to learn how to use Netscape 7.0's Privacy Settings
to filter cookies (block and accept them selectively), see THIS
section.

To learn how to configure cookies (accept/reject) in Mozilla, see THIS
section of the
companion web page for Mozilla. To learn how to selectively manage and delete cookies
in Mozilla, see THIS section.
And to learn how to use Mozilla's Privacy Settings
to filter cookies (block and accept them selectively), see THIS
section.

To learn how to configure cookies (accept/reject) in Firefox, see THIS
section of the
companion web page for Firefox. To learn how to selectively manage and delete cookies
in Firefox, see THIS section.
And to learn how to use Firefox's Exceptions list to filter
cookies (block and accept them selectively), see THIS
section.

To learn how to configure cookies (accept/reject) in Opera 6.0 &
7.0, see THIS
section of
the companion web page for Opera 6.0/7.0. To learn how to set up cookie server
filters in
Opera 6.0 & 7.0, see THIS section.
And to learn how to delete cookies, see THIS
section.

3. Turn Off "Active Content" Features of the Browser

Your web browser can not only view static text and images on web pages, it can also
automatically run
programs that are embedded in those web pages. Programs that are embedded in web
pages are commonly referred to as "active content" to distinguish
them from the "static content" of plain text and images. Active
content -- programs that are
part of web pages -- can seem like a strange
concept, but if you've ever surfed the web, you have seen programs running
within web pages (and perhaps not even realized it):

If you've ever visited a web page that had objects moving around or jumping
about,
then you've seen active content;

If you've ever hit a web page that popped up other smaller web pages (esp.
advertisements), then you've seen active content in action;

If you've ever gone to a corporation's home page and been greeted with an
animated
cartoon of some sort, then you've seen active content in all its
glory.

All those things --moving objects, popup windows, and animation
sequences -- are
driven by small programs that your browser automatically downloads from a web page and runs,
just like your computer runs a program like Microsoft Word. (Note that in
describing "active content" as "embedded programs" I'm not referring here to normal programs that you deliberately download and
save -- these "active content" programs are different because they're
actually loaded as part of the web pages you visit.)

Active content is
popular with web developers (the folks who make web pages) because active
content like Java, ActiveX, and JavaScript enables them to build web page
elements that can do many powerful things that normal, static web pages cannot.
Active content is especially popular with advertisers who are always looking for
new gimmicks to call attention to their product advertisements on
web pages.

Types of Active Content

Not all active content is the same, however. Active content programs come in
several different varieties. All of these different types of active content
programs are created or built using different programming languages. Moreover,
some of the programs are plain text programs (which you can actually read if you
look at the HTML source code of a web page), while others are binary programs that are
readable only by computers (they'll look like gobbledygook if you open them up
and look at them yourself).

There are three main types of active content programs that web browsers use:

ActiveX controls: these are binary programs that are used only by Internet
Explorer
(ActiveX is a product of Microsoft);

Java applets: these are also binary programs that almost all web browsers
can run
(the Java programming language was created by Sun Microsystems);

Scripts: these are plain text programs that are embedded within web pages;
the most
common type of scripting language is JavaScript, which all browsers
can recognize
and run (JavaScript was created by Netscape).

Note: don't confuse Java applets with JavaScript -- though the names are
similar, they're two different things.

So, What's the Problem with Active Content?

If active content can be used to build so many cool, fun things to go
into web pages, why would anyone want to turn it off? There are several reasons:

to turn off annoying advertising: active content is often used by
advertisers and marketers to make advertisements on web pages that can be
annoying, even obnoxious -- if you've ever hit a web page that had a banner
ad moving all over your screen, or if you've had a blizzard of annoying ad
windows pop up in your face, you'll know exactly what I'm talking about;

to stop spyware being installed: spyware is an invasive type of
software that some web pages attempt to install on your computer without
your knowledge or permission, and this software often makes obnoxious,
unauthorized modifications to your web browser and computer in order to
monitor your behavior on the Internet and deliver advertising directly to
your desktop based on your behavior (that's called direct marketing) -- turn
off active content and you can prevent spyware from being installed behind
your back;

to protect your computer system: active content, esp.
ActiveX controls, are powerful technologies that can be exploited by malicious
people (hackers, crackers) in some circumstances to do damage to your system
-- "security holes" (software bugs) in these active content
technologies can allow malicious parties to build web pages that can siphon
potentially sensitive data off your system or delete files off your hard
drive when you visit those web pages.

Disabling Active Content

All major web browsers allow you to turn these active content types
on and off:

To learn how to configure active content in Internet Explorer, see the
companion web
page for Internet ExplorerHERE.

To learn how to configure active content in Netscape Communicator, see the
companion
web page for Netscape Communicator HERE.

To learn how to configure active content in Netscape 7.0, see the
companion web page for
Netscape 7.0 HERE. You
can also learn how to disable JavaScript-driven popups HERE.

To learn how to configure active content in Mozilla, see the
companion web page for
Mozilla HERE. You can
also learn how to disable JavaScript-driven popups HERE.

To learn how to configure active content in Firefox, see the
companion web page for
Firefox HERE. You
can also learn how to disable JavaScript-driven popups HERE.

To learn how to configure active content in Opera 6.0 & 7.0, see the
companion web page
for Opera 6.0/7.0 HERE.
You can also learn how to disable JavaScript-driven popups HERE.

More Info

If you'd like to learn a bit more about the various active content
technologies that I discussed above, see these web pages: